2.5 KiB
PerfSPEC Learning Phase
Based in PrefSPEC: Performance Profiling-based Proactive Security Policy Enforcement for Containers document presented in [1], thir repository contains source files used to generate and process data.
Main Reference: PrefSPEC document as White paper
How to install covers basic enviroment,tools, and recommendations.
PerfSPEC
[!NOTE] With
PerfSPECSecurity Policies can be managed / watched in Proactive mode by using ranking, learning and profiles for safetiness and performance.
has three phases:
- Ranking
- Learning
- Runtime
This repository is focused in Learning phase with attention on:
- Event logs info load and process
- Predictive learning model
Note: It is considered that event data collection in
raw-audit-logs.log.xzare realistic and representative to simulate administrative operations.
Files
raw-audit-logs.logcontains raw Kubernetes audit logs collected using theaudit-policy.yamlaudit policy.
Tools are distributed in directories:
As some tasks can be used in Python or Rust there are or will be directories for each programming languge inside directories tasks.
Each task/programming-language use a common data directory where processing output files is generated.
Collect data
If you wish to collect your own dataset, there are several source files that might help:
collect/collect.pyis a script to trigger the installation and uninstallation of public Helm repositories.collect/helm-charts.jsonis a backup of Helm charts used at the time of the collection.